-
Notifications
You must be signed in to change notification settings - Fork 2
43 lines (36 loc) · 1.35 KB
/
security.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
---
# SPDX-FileCopyrightText: Codacy Analysis CLI GitHub Action Group
#
# SPDX-License-Identifier: Apache-2.0
#
name: Security
on:
push:
branches: ["main"]
pull_request:
# The branches below must be a subset of the branches above
branches: ["main"]
# The branches below must be a subset of the branches above
types: [opened, synchronize, reopened]
schedule:
- cron: "37 2 * * 3"
permissions:
contents: read
concurrency:
group: ${{ github.ref }}-${{ github.workflow }}
cancel-in-progress: true
jobs:
Codacy_Analysis:
permissions:
contents: read # for actions/checkout to fetch code
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
uses: jmuelbert/commons/.github/workflows/codacy-analysis.yml@main
secrets:
token: ${{ secrets.CODACY_API_TOKEN }}
DevSkim_Analysis:
permissions:
contents: read # for actions/checkout to fetch code
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
uses: jmuelbert/commons/.github/workflows/devskim-analysis.yml@main